๐ช๐ธ
alferez
2026-07-07 07:16:20
(10 hours ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 07:14:45
(10 hours ago)
(mod_security) mod_security (id:240335) triggered by 123.253.163.63 (undefined.hostname.localhost): ...
show more
(mod_security) mod_security (id:240335) triggered by 123.253.163.63 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 03:14:37.629235 2026] [security2:error] [pid 9346:tid 9346] [client 123.253.163.63:65285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 123.253.163.63 (+1 hits since last alert)|psychiatryabuse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "psychiatryabuse.com"] [uri "/xmlrpc.php"] [unique_id "akynXQFQ_eUxQnC9XiUDxwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-06 08:42:16
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
n2nguyenn2nguyen
2026-07-06 05:24:51
(1 day ago)
Blocked by YFC Security on https://brixzly.com โ type: xmlrpc_attempts
Brute-Force
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-04 05:18:19
(3 days ago)
(wordpress) Failed wordpress login from 123.253.163.63 (IN/India/undefined.hostname.localhost)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-03 07:03:18
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 123.253.163.63 (undefined.hostname.localhost): ...
show more
(mod_security) mod_security (id:240335) triggered by 123.253.163.63 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:03:13.918281 2026] [security2:error] [pid 30163:tid 30163] [client 123.253.163.63:58333] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 123.253.163.63 (+1 hits since last alert)|stukabird.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stukabird.com"] [uri "/xmlrpc.php"] [unique_id "akdesfoFcKgGbBWUWDZ6OQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:33:46
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 123.253.163.63 (undefined.hostname.localhost): ...
show more
(mod_security) mod_security (id:240335) triggered by 123.253.163.63 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:33:38.405206 2026] [security2:error] [pid 32571:tid 32571] [client 123.253.163.63:57644] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 123.253.163.63 (+1 hits since last alert)|opticasprisma.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "opticasprisma.com"] [uri "/xmlrpc.php"] [unique_id "akYUUl6HPWtvK_S8h9bS8QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-02 06:35:54
(5 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Anonymous
2026-07-02 05:28:03
(5 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
Anonymous
2026-07-02 05:26:26
(5 days ago)
Fail2ban filtered
...
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 06:13:32
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 123.253.163.63 (undefined.hostname.localhost): ...
show more
(mod_security) mod_security (id:240335) triggered by 123.253.163.63 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 02:13:25.260081 2026] [security2:error] [pid 4481:tid 4481] [client 123.253.163.63:60269] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 123.253.163.63 (+1 hits since last alert)|madisonjazzorchestra.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "madisonjazzorchestra.com"] [uri "/xmlrpc.php"] [unique_id "akSwBSuG0hmYTtSZpoCNOAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-01 06:10:38
(6 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/undefined.hostname.localhost
Web App Attack
๐ช๐ธ
masterguru
2026-06-30 07:29:42
(1 week ago)
(xmlrpc) Failed xmlrpc access from 123.253.163.63 (IN/India/undefined.hostname.localhost): 5 in the ...
show more
(xmlrpc) Failed xmlrpc access from 123.253.163.63 (IN/India/undefined.hostname.localhost): 5 in the last 3600 secs (0-122)
show less
Hacking
๐บ๐ธ
Jason Howell
2026-06-30 06:31:56
(1 week ago)
123.253.163.63 - - [30/Jun/2026:01:23:21 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4721 "-" "Jetpack by ...
show more
123.253.163.63 - - [30/Jun/2026:01:23:21 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4721 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
123.253.163.63 - - [30/Jun/2026:01:25:28 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4721 "-" "Jetpack by WordPress.com"
123.253.163.63 - - [30/Jun/2026:01:27:35 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4721 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)"
123.253.163.63 - - [30/Jun/2026:01:29:46 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4720 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
123.253.163.63 - - [30/Jun/2026:01:31:54 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4722 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐ซ๐ท
dynamix
2026-06-30 04:13:41
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack